Controlling the access of a large number of users to a vast array of data represents one of the greatest challenges facing the future of the Internet. One example of an immense access control undertaking that will exceed the capabilities of current access control systems relates to the provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
HIPAA will be implemented in accordance with a Rule (Federal Register/Vol. 65, No. 250/Thursday, Dec. 28, 2000/Rules and Regulations p. 82462, 45 CFR Parts 160 and 164, Rin: 0991-AB08, Standards for Privacy of Individually Identifiable Health Information) promulgated by the Department of Health and Human Services (HHS) in an effort to achieve the adoption of industry standards for the electronic transmission of health information. In short, HIPAA requires that all patient information transfers between organizations be in a standardized form and that standards of privacy be maintained. Health Level 7 (HL7) is an organization that creates the standards for storage and interchange of medical records encompassed by HIPAA. Standardization complications include the fact that there are currently about 400 formats for electronic health care claims processing in use nationwide. Further, the need to manage this information will require finely granular (down to the per field level) access to a massively scaled number of records. This access must obey the mandated confidentiality and respect specific patient confidentiality requests.
HL7 has chosen the eXtensible Markup Language (XML) as the basis for structuring medical records for storage and messaging. This language organizes data as a tree structure documents. XML is standardized by W3C, (http://www.w3.org/TR/REC-xml). W3C is an international industry consortium responsible for developing common code standards for the World Wide Web.
Applications storing or transferring medical records will require access control mechanisms to assure that HIPAA requirements are met. It is an object of the present invention to supply this need.
U.S. Pat. No. 6,061,684, “Method and system for controlling user access to a resource in a networked computing environment,” assigned to Microsoft Corporation (Redmond, Wash.), describes a unified and straightforward approach to managing file and other resource security in a networked computing environment. The invention can be implemented in a multi-user computer network that includes a client computer, a server computer that controls a resource sharable among users of the network, such as a shared file folder or directory, and a communications pathway between the client computer and the server computer. The resource is organized as a hierarchy of elements with a root element at the top of the hierarchy and additional elements below the root element. According to the invention, a request is received to change a protection, such as an access permission, of an element of the resource hierarchy (other than the root) with respect to a particular network user. If the element in question lacks an associated access control list, a nearest ancestor element of the hierarchy is located that has an associated access control list. The first (descendant) element inherits the access control list of the second (ancestor) element. This inheritance is done by generating a copy of the access control list of the second element and associating the generated copy with the first element. The requested change in protection is then incorporated into the generated copy that has been associated with the first element so as to establish an updated access control list for the first element. Further, the requested change can be propagated downwards in the hierarchy from the first element to its descendants having access control lists.
U.S. Pat. No. 6,038,563, “System and method for restricting database access to managed object information using a permissions table that specifies access rights corresponding to user access rights to the managed objects,” assigned to Sun Microsystems, Inc. (Palo Alto, Calif.), describes an access control database that specifies access rights by users to specified sets of the managed objects. The specified access rights include access rights to obtain management information from the network. An access control server provides users access to the managed objects in accordance with the access rights specified by the access control database. An information transfer mechanism sends management information from the network to a database management system (DBMS) for storage in a set of database tables. Each database table stores management information for a corresponding class of managed objects. An access control procedure limits access to the management information stored in the database tables using at least one permissions table. A permissions table defines a subset of rows in the database tables that are accessible to at least one of the users. The set of database table rows that are accessible corresponds to the managed object access rights specified by the access control database. A user access request to access management information in the database is intercepted, and the access control procedure is invoked when the user access request is a select statement. The database access engine accesses information in the set of database tables using the permissions tables such that each user is allowed access only to management information in the set of database tables that the user would be allowed by the access control database to access.
U.S. Pat. No. 5,878,415, “Controlling access to objects in a hierarchical database,” assigned to Novell, Inc. (Provo, Utah), describes methods and systems for controlling access to objects in a hierarchical database. The database may include a directory services repository, and/or synchronized partitions. An access constraint propagator reads an access control property of an ancestor of a target object. The access control property designates an inheritable access constraint such as an object class filter or an “inheritable” flag. The object class filter restricts a grant of rights to objects of an identified class. The “inheritable” flag allows inheritance of an access constraint on a specific object property. The propagator enforces the inheritable access constraint by applying it to at least the target object.